Blog Post

Apple flashes privacy credentials and reveals iOS 8 encryption bonus

Apple chief Tim Cook has published an open letter setting out the company’s commitment to privacy – and, without saying it in so many words, inviting people to compare Apple with Google on that front.

The letter is the front page of a revamped privacy section on Apple’s website, which also aims to reassure customers about the security of their data on its health and smart home platforms, and reveals that the new iOS 8 mobile operating system puts much personal data behind a wall that even Apple itself cannot access.

This week Apple also turned on two-step authentication for iCloud backups, making data stored in that service less vulnerable to the type of hack that hit celebrities such as Jennifer Lawrence a few weeks ago.

“We don’t read your email”

“A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product. But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy,” Cook wrote.

“Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t ‘monetize’ the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you.”

Google, of course, does scan Gmail messages and other content flowing through or stored on its systems to better profile the user for ad targeting, and it tracks users’ surfing to achieve the same end. However, Google does promise not to use private documents uploaded to Drive for marketing or promotional purposes, and there’s no indication that the company pokes through what people store on their Android phones.

Cook pointed out that Apple’s iAd advertising network doesn’t draw on data from “Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail.” On a separate page, Apple reiterated that app developers on the Health platform cannot sell Health data to advertisers. It also stressed that data stored on the customer’s device is encrypted using the customer’s password, and remains encrypted if the customer backs it up or shares it with a third party, both in transit and on Apple’s servers.

More protection

There’s also an interesting section on data access requests from law enforcement and other government agencies, that states:

On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode. Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.

As Ars Technica has pointed out, an accompanying change in the most recent iOS security guide suggests that, while Apple previously only applied its proprietary hardware-based Data Protection encryption tool to the Mail app, it now does the same for Messages, Calendar, Contacts, and Photo. Previously, it was able to offer up this information to law enforcement.

Of course, four-digit passcodes are relatively easy to crack, so users should use complex passcodes in mind if they want to ensure their privacy.

In his letter, Cook also reiterated that Apple has never “worked with any government agency from any country to create a backdoor in any of our products or services [or] allowed access to our servers” and “never will.” That’s admirable, though any government intrusions on Apple’s systems that don’t come through the front door (Apple received up to 250 national security letters in the first half of this year) would most likely involve lower-level employees, rather than senior management. If there is a backdoor – and I’m not saying there is – Tim Cook probably wouldn’t know about it.

Welcome approach

Overall, I think this is a very necessary set of moves, and hopefully one that will be good for the wider mobile ecosystem. It’s about time that vendors started putting trust front and center in their marketing pitches. Particularly as these devices start storing and transmitting health data and information about the functioning of people’s homes, customers need to be assured that this data will be held securely – indeed, they should demand it as a condition of adopting such services.

There’s a whiff of FUD about Cook’s no-names-named warnings over Android insecurity – Google is certainly shifty, but hopefully not that shifty – but if that threatens Google, then all the better. Google too needs to be more upfront about what it’s doing to protect the privacy of its users, and if there are elements of its activities that it’s quieter about, then perhaps that’s a message worth taking to heart.

For now, not counting niche anti-surveillance devices like the Android-derived but non-Google Blackphone, iPhones and iPads do appear to be the smarter choice for privacy-conscious people. As long as they remember to use two-factor authentication and strong passphrases.

It’s not just about email privacy, it’s in general. I mean Google itself said “Android was not designed to be safe”. If you care about privacy, then that in itself should make you worry. Google has never cared about your privacy, nor has Facebook. When something is free or cheap, it comes with a price. Whether it be as using ads to make money or harvesting data, they’re gonna make their money one way or another.

This is something that has concerned me for quite some time. Not one specific feature or the other, but the overall commitment to respecting privacy or on the flip side, the pervasiveness of the prying. Although I use a few Google services now, my inclination has been to shy away from them where acceptable alternatives are available. I was one of the first to order the very first Nexus phone when it first came out, but now shy away from Android phones even though their features may be tempting. It is not just Google, but the whole ecosystem around them – the presumptuousness of the apps with their take or leave it attitude towards the trove of private data they demand. I currently use Google Maps and Gmail on my iPhone as well as their search engine. I was planning to slowly wean myself away from them to an Infrastructure of Apple and others. This letter (which I learned of from your article) appears to have read my mind, although I saw Cook earlier on Charlie Rose show make the point informally. Thanks.

Great that encryption bonus, but that was available on Android for quite a while already ;-) However it is great to see the competition and if this stimulates Google to be more clear, it is even better.